Users login

Create an account »


Users login

Home » Hacking News » MasterCard bites back on credit card hacking

MasterCard bites back on credit card hacking

by Nikola Strahija on October 17th, 2002 A rise in credit card transactions via the Internet, phone and mail-order is prompting card heavyweights to push tougher data security standards for merchants, MasterCard said today.

MasterCard executives said the increase in so-called "card-not-present" transactions was one of the key reasons for card heavyweights to promote tougher security standards for merchants. MasterCard is, one executive said, in the early stages of piloting a series of site data protection standards for merchants with one of Australia's large banks, with the project expected to be extended to other banks in Australia by the second quarter of 2003.

The initiative largely mirrors a project being undertaken by rival card heavyweight Visa International, which plans shortly to trial a series of minimum e-commerce and data security standards for merchants with medium-to-large transaction volumes.

Kees Kwakernaak, the vice-president, emerging technologies and acquiring for MasterCard Australasia, told ZDNet Australia the new standards being pushed by MasterCard were designed to protect merchants against the activities of hackers. The standards, designed to cover methods of gaining access to a merchants' online environment, would include stringent testing of merchant firewalls.

Kwakernaak declined to name the bank the trial is being undertaken with, saying it was their prerogative to publicise their involvement if they so wished.

"There's a move in the credit industry from a card-present to a card-not-present environment, including Internet, mail-order and telephone, where you cannot see the physical card, you cannot check the signature," Kwakernaak said.

He told ZDNet Australia that while MasterCard did not release fraud figures by those undertaken at point-of-sale or online, "the card-not-present channel is increasing and there are certain security issues around those channels that are becoming apparent". However, he stressed that "most fraud still happens in the real world".

He said the standards were also designed to "help redress the balance" for merchants and their banks, who bore the cost if a customer denied a transaction undertaken using a credit card.

Kawakernaak denied that credit card usage via the Internet had a severe image problem with consumers concerned over the security of their details. He said usage of the channel was increasing and while some consumers had issues with the online environment, the overall perception was positive.

He said the standards being implemented by MasterCard would complement the increasing usage by merchants of the card-holder verification code (CVC) 2 standard. The standard allows merchants to ask customers to quote a three-digit number on the back of a credit card as a secondary means of authentication.

Australian banks are also poised shortly to implement a username and password system for credit card transactions undertaken over the Internet.

Kwakernaak also said MasterCard was examining new biometric technologies, but was still several years away from adopting them in a widespread fashion.

- article available from -

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »